(57) The present invention provides a system to
ensure security of data in a computer network system.
A center certifies a public-key of a user of the system and
distributes a secret-key. A first system comprises the
center on a network, an information provider and a
plurality of users. The center identifies utilization status by
requests of the secret-key. The data is encrypted by the
secret-key and is stored and transferred, while the data
to be stored and transferred is encrypted using a secret-key
different from the secret-key for the transferred data.
An original data label is added to the original data, and
an edit label is added to the edited data, and the center
does not store the data and stores only the original data
label and the edit label. A second system comprises a
center and an information provider in a network, and a
plurality of users utilizing the network. The center stores
the original data and editing scenario, and also the original
data label, user label and edit label. The data is not
transferred between the users, but data label encrypted
by the public-key is transferred. In electronic commerce
system, every data is distributed through a mediator in
the network, data which is transferred from a maker to a
user is encrypted by a secret-key for encryption, and
data which is transferred from user to the maker is
encrypted by a secret-key for re-encryption.
Description
BACKGROUND OF THE INVENTION

The present invention relates to a data management
system for managing digital data, and in particular
to a system, which can be effectively applied to
copyright management of copyrighted data, electronic
commerce and digital cash.

As more and more information is available, database
systems, where many computers, which independently
have stored various data, are connected via
communication lines to use the data mutually, are
becoming increasingly popular. Such database systems
have so far been able to process only coded information
containing a small amount of information which can
be processed by conventional computers and, at the
most, monochrome binary data such as facsimile
information, failing to handle natural and moving pictures
that include a substantially large amount of information.
Digital processing techniques for various electric
signals are being developed, and efforts are being
made to apply such techniques to those dynamic picture
signals other than binary data which were processed
as analog signals. Since the digitization of picture
signals enables picture signals such as television signals
to be handled by computers, people are viewing as
[illegible] a "multimedia system" that can
deal with both various data that can be processed by
computers and picture data that is digitized picture
signals. Since picture data contains a significantly larger
amount of information than character data or audio
data, it cannot be stored, transmitted, or subjected to
various processings by computers in its original form.

Attempts have thus been made at compression/expansion
of picture data, and some picture data
compression/expansion standards have been prepared. These
standards include the following common standards: the
Joint Photographic Image Coding Experts Group
(JPEG) standards for still pictures, the H.261 standards
for video conferences, the Moving Picture Image Coding
Experts Group 1 (MPEG1) standards for picture
storage, and the MPEG2 standards for both existing
television broadcasting and future high-definition
television broadcasting. These techniques have enabled
digital picture data to be processed in real-time.

Since analog data, which is conventionally popular,
is degraded each time it is stored, copied, edited, or
transmitted, little notice has been taken of the control of
the copyright associated with these operations. Digital
data, however, is not degraded after repeated storing,
copying, editing, and transmission, so such control of the
copyright associated with these operations is
significant. There has been no adequate method
for controlling the copyright for digital data; the copyright
is managed based on the copyright law or relevant
contracts. The copyright law simply establishes a
compensation system for digital recording or equipment thereof.

A database not only has its contents referenced but
is also used to effectively use data obtained through
storing, copying, and editing, and it is possible to
transfer edited data to a different user via on-line basis such
as a communication line or via off-line basis using
appropriate recording medium or to transfer it to the
database to be registered as new data. Although
conventional databases have dealt with only character
data, databases in multimedia system contain audio
and picture data that are inherently analog, in addition
to databased character data.

Under these circumstances, the control of the cop- 
yright for data in databases is very important, but no 
copyright management means that is particularly appli- 
cable to secondary use such as copying, editing, and 
transmission has been completed. 

Data communication using computers was carried out
on a relatively small scale in the past, but the computer
communication system called "Internet" has shown
rapid progress in the past several years, and it is now
being developed to a system closer and familiar to
everybody. The information used in communication of this
Internet system was initially limited to character
information only, but, with the progress of technique,
audio data and picture data are now used. At present,
even electronic commerce data or digital cash data, for
which reliability and confidentiality are important factors,
are now being used in the Internet system.

Under such circumstances, it has become neces- 
sary to establish new techniques to ensure and guaran- 
tee security to keep confidentiality and reliability of the 
processed data and also of the case where it is neces- 
sary to charge and collect a fee. 

In the information data, i.e. copyrighted data, for
which fee is charged when utilizing such data, copyright
is asserted in most cases, while there are information
data such as personal mail, advertisement and
propaganda data, etc., for which copyright is not positively
asserted. For example, in case of a personal mail, for
which copyright is not asserted, it is important to
maintain privacy and to prevent falsification or forgery of the
contents. Even in the data for advertisement and
propaganda, which is usually not associated with assertion of
copyright, damage or impairment may often occur due
to falsification of the contents or business activities may
be disturbed because of distribution of the data to the
people other than those originally aimed or such trouble
may be caused by false data.

As described above, it is essential in case of
personal mail to stop falsification of contents, to prevent
infringement of privacy and to exclude forgery. For the
advertisement and propaganda data, it is necessary to
prevent falsification of data contents, to restrict viewing
and to exclude forgery.

The prevention of infringement of privacy in the
personal mail and the restriction of viewing of the
advertisement and propaganda data can be achieved by
encryption of data. The prevention of forgery of the
personal mail and the advertisement and propaganda data
and the exclusion of falsification of the personal mail
and the advertisement and propaganda data can be
attained by confirmation (certification) of the sender or
the transmitter of the data.

The Internet system is based on grass-roots
concept and is a very fragile system as far as security of the
system itself is concerned. Various systems for
maintaining security of the Internet system have been
proposed, and typical systems are PEM (Privacy
Enhanced Mail) adopting hierarchical structure and
PGP (Pretty Good Privacy) adopting horizontal
distributed structure. These systems are effective to maintain
confidentiality of data and to provide certification of the
transmitting source, certification on non-falsification of
the data, display of the first transmitter and control of
public-key, while it is not possible by these systems to
restrict re-utilization of data including data editing.

PEM, adopting hierarchical structure, comprises
the most upper-level authority called IPRA (Internet
PCA Registration Authority), a next upper-level
authority called PCA (Policy Certification Authority), and the
most lower-level authorities called Organizational,
Residential and Personal respectively. Upper-level
certification authorities issue a public-key certificate with digital
signature on the data such as name of the lower-level
authority for public-key of the lower-level authority, thus
guaranteeing validity of the public-key.

PGP, adopting horizontal distributed structure, has
no entity to correspond to the certification authority of
PEM, and a reliable third person guarantees validity of
the public-key by issuing a public-key certificate with
digital signature to the data such as name of the
public-key. In this PGP, there is a method called electronic
fingerprinting to easily confirm the public-key. By this
method, the public-key is hashed by one-way hash
function such as MD 5 (Message Digest 5), and 16-byte
hash value is confirmed by voice.

When PEM is compared with PGP, there is no
problem on the certifier in PEM, which adopts hierarchical
structure, but this is not necessarily a commonly used
system in the Internet System, which is based on
grass-roots concept. On the other hand, PGP is a simplified
system, which can be widely used. However, this cannot
be utilized in case there is no reliable person to sign.

With recent development of computer network
system, individual computers, used on stand-alone basis in
the past, are connected together through the network
system, and database system to commonly share the
data is now propagated. Further, distributed object
system has been proposed, in which application program
or base software called operating system as well as
data is also commonly shared through the network.

In the distributed object system, both data and
software are supplied by a server as an object, which
comprises program and data. In the distributed object
system, there are two systems, i.e. a system called
object container, in which operating system, application
program and data are provided by a server and data
processing and data storage are performed by a user
terminal unit, which is an ordinary computer, and a
system called server object, in which operating system,
application program and data are provided by a server,
and data processing is performed by a user terminal
unit called network computer, while data storage is
carried out by a server. The server object system is further
developed to a system, in which data processing is also
performed by the server, and the user terminal unit is
provided only with input/output function, and the whole
system functions as a single computer.

Another form of the network system, called "license
network" as rental network system, is considered. In
this system, an enterprise providing network base such
as communication lines also provides the systems other
than communication lines such as fee charging system,
security system, copyright management system,
certification system, etc. A service enterprise utilizes
these services and carries out network business as if it
were its own system.

SUMMARY OF THE INVENTION 



In the present application, the inventor proposes a 
data management system for protecting copyright of 
digital data, for maintaining security in electronic com- 
merce data and keeping security for digital cash data in 
an ordinary computer network system, a distributed 
object system and a license network system. 

A first aspect of the data management system of 
the present invention comprises a data management 
center on a network, an original copyright owner or an 
information provider and a plurality of users who use the 
network. The data management center certifies public- 
key of network users, distributes secret-key for data 
encryption corresponding to presentation of a user 
label, and identifies data utilization status by the request 
of the secret-key. The data is stored and transferred 
after having been encrypted using the secret-key, and
the data is to be stored and transferred encrypted using 
a secret-key different from the secret-key for the data 
which has been transferred. An original data label is 
added to an original data, and an edit label is added to 
an edited data. The data management center does not 
store the data but stores only the original data label and 
the data relating to editing. A user label is used to 
request the secret-key, but electronic fingerprinting of 
the user label may be used instead. 
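
The first aspect above, carried through one author and two users, as an added sketch that is not code from the patent: the center wraps each secret-key under the requester's public-key, records every key request as utilization status, and the data is re-encrypted under a different secret-key at each hop (the step numbers in the comments follow the first embodiment's numbered steps). The Center class, function names, sample labels and toy key sizes are assumptions; a SHAKE-256 XOR keystream and unpadded toy RSA stand in for real ciphers, and SHA-256 replaces MD5 for the label fingerprint.

```python
import hashlib
import hmac
import secrets

def make_keypair(a, b, e=65537):
    """Toy RSA pair from the Mersenne primes 2**a-1 and 2**b-1 (constructed, insecure)."""
    p, q = 2**a - 1, 2**b - 1
    return (e, p * q), (pow(e, -1, (p - 1) * (q - 1)), p * q)    # (Kb, Kv)

def wrap(ks, kb):
    """Cks = E(Ks, Kb): textbook RSA without padding, for illustration only."""
    return pow(int.from_bytes(ks, "big"), kb[0], kb[1])

def unwrap(cks, kv):
    """Ks = D(Cks, Kv)."""
    return pow(cks, kv[0], kv[1]).to_bytes(16, "big")

def sym(data, ks):
    """E(M, Ks) and D(C, Ks): XOR with a SHAKE-256 keystream (stand-in cipher)."""
    stream = hashlib.shake_256(ks).digest(len(data))
    return bytes(x ^ y for x, y in zip(data, stream))

def fingerprint(label):
    """16-byte label fingerprint; SHA-256 is swapped in for the MD5 named in the text."""
    return hashlib.sha256(label).digest()[:16]

class Center:
    """Data management center Cd: keeps labels and keys, never the data itself."""

    def __init__(self):
        self.certified = {}    # user label -> certified public-key Kb
        self.keys = {}         # label -> secret-key issued for that label
        self.usage = []        # utilization status: one row per key request

    def certify(self, user_label, kb):
        self.certified[user_label] = kb

    def register_original(self, author_label, l0):
        """Steps (1)-(2): issue Ks0 for copyright label L0, wrapped for the author."""
        self.keys[l0] = secrets.token_bytes(16)
        return wrap(self.keys[l0], self.certified[author_label]), fingerprint(l0)

    def request_keys(self, l0, f0, holder_label, user_label):
        """Steps (5)/(8): release the holder's key plus a fresh key for the requester."""
        if not hmac.compare_digest(fingerprint(l0), f0) or l0 not in self.keys:
            raise PermissionError("copyright label does not match its fingerprint")
        if holder_label not in self.keys or user_label not in self.certified:
            raise PermissionError("unknown holder label or uncertified user")
        self.keys.setdefault(user_label, secrets.token_bytes(16))
        self.usage.append((l0, holder_label, user_label))
        kb = self.certified[user_label]
        return wrap(self.keys[holder_label], kb), wrap(self.keys[user_label], kb)

# Constructed sample labels and data
L0, LU_A, LU1, LU2 = b"L0:sample-work", b"Lu:author-A", b"Lu1:user-1", b"Lu2:user-2"
M0 = b"constructed sample standing in for the original copyrighted data M0"

def run_exchange():
    cd, kv = Center(), {}
    for label, exps in ((LU_A, (61, 89)), (LU1, (107, 127)), (LU2, (521, 607))):
        kb, kv[label] = make_keypair(*exps)
        cd.certify(label, kb)
    # (1)-(3): author A obtains Ks0, encrypts M0, sends Cm0ks0 + L0 + F0 to U1
    cks0kba, f0 = cd.register_original(LU_A, L0)
    cm0ks0 = sym(M0, unwrap(cks0kba, kv[LU_A]))
    # (4)-(6): U1 presents L0, F0, Lu1; gets Ks0 and Ks1; re-encrypts under Ks1
    cks0kb1, cks1kb1 = cd.request_keys(L0, f0, L0, LU1)
    m0_at_u1 = sym(cm0ks0, unwrap(cks0kb1, kv[LU1]))
    cm0ks1 = sym(m0_at_u1, unwrap(cks1kb1, kv[LU1]))
    # (7)-(9): U2 presents L0, F0, Lu1, Lu2; gets Ks1 and Ks2; decrypts Cm0ks1
    cks1kb2, _cks2kb2 = cd.request_keys(L0, f0, LU1, LU2)
    m0_at_u2 = sym(cm0ks1, unwrap(cks1kb2, kv[LU2]))
    # A label altered in transit no longer matches F0, so no key is released
    try:
        cd.request_keys(L0 + b"-edited", f0, LU1, LU2)
        tampered_refused = False
    except PermissionError:
        tampered_refused = True
    return {"m0_at_u2": m0_at_u2, "rekeyed": cm0ks0 != cm0ks1,
            "usage": cd.usage, "tampered_refused": tampered_refused}

if __name__ == "__main__":
    print(run_exchange())
```

The usage list is the only record the center needs to see who requested which key; the data itself never passes through it.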

The second aspect of the data management sys- 
tem comprises a data management center on a net- 
work, an original copyright owner or an information 
provider and a plurality of users utilizing the network. 
The data management center certifies the public-key of 
the network users, and stores the original data and the 
editing scenario, and further stores the user label, the 
original data label and edit label. The data is not
transferred between the users and the data label encrypted
by the public-key is transferred. In the transfer and the
request of utilization, the data label is used while
electronic fingerprinting of the data label may be used instead.

In electronic commerce system, every data is distributed
through a mediator in the network, data which is
transferred from a maker to a user is encrypted by a
secret-key for encryption, and data which is
transferred from user to the maker is encrypted by a
secret-key for re-encryption.

BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1A to Fig. 1D each represents a drawing for
explaining labels;

Fig. 2A to Fig. 2D each represents a drawing for
explaining label, data header and data body;

Fig. 3A to Fig. 3D each represents a drawing for
explaining encryption of data and label;

Fig. 4A to Fig. 4G each represents a drawing for
explaining encryption of data header and data body;

Fig. 5A to Fig. 5C each represents a drawing for
explaining encryption of label, data header and data body;

Fig. 6A and Fig. 6B each represents a drawing for
explaining encryption of object file;

Fig. 7 represents a conceptual structure of a data
management system of a first embodiment of the
present invention;

Fig. 8 represents a conceptual structure of a data
management system of a second embodiment of
the present invention;

Fig. 9 is a drawing to explain a technique to generate data
from a plurality of data;

Fig. 10 represents a conceptual structure of a
data management system of a third embodiment of
the present invention;

Fig. 11 represents a conceptual structure of a
data management system of a fourth embodiment
of the present invention;

Fig. 12A and Fig. 12B each represents a conceptual
structure of a data management system of a
fifth embodiment of the present invention
DESCRIPTION OF THE PREFERRED EMBODIMENTS

Prior to the description of embodiments according to
the present invention, from the first embodiment to
[illegible] embodiment, basic explanation for these
embodiments is described hereinafter.

-Certifier-

In the present invention, it is necessary to have an
entity, which certifies copyright owner of original
copyrighted data, an information provider (IP) of the original
copyrighted data, users of the original copyrighted data
and those who edit the original copyrighted data. There
may be a single certifier or a plurality of certifiers. In
case a plurality of certifiers are present, they can be
virtually regarded as a single entity by linking with
each other.

In this system, a set of public-key & private-key of
each user and a secret-key different for each step of the
use of the copyrighted data are used. Among these
keys, the private-key is managed under responsibility of
each user and the corresponding public-key is given a
digital signature by the certifier, so that the reliability is
maintained. The public-key is controlled by a key
management center generally called key library and is
distributed at the request of the user, while it is possible to
link a certifier having certifying function with the key
management center or to make the certifier also have a
function of the key management center.

-Crypt Key-

A description will be given on a crypt system and
a digital signature system used in the invention.

The secret-key system is also called "common key
system" because the same key is used for encryption and
decryption. Because it is necessary to keep the key in
secret, it is also called "secret-key system". Typical
examples of encryption algorithm using secret-key are
DES (Data Encryption Standard) system of National
Bureau of Standards, FEAL (Fast Encryption Algorithm)
system of NTT, and MISTY system of Mitsubishi Electric
Corp. In the embodiments described below, the
secret-key is referred as "Ks".

In contrast, the public-key system is a cryptosystem
using a public-key being made public and a private-key,
which is maintained in secret to those other than the
owner of the key. One key is used for encryption and the
other key is used for decryption. Typical example is RSA
public-key system. In the embodiments described
below, the public-key is referred as "Kb", and the
private-key is referred as "Kv".

Here, the operation to encrypt a data M as data
[illegible] cryptogram Ck using a crypt key K is
expressed as:

Ck = E (M, K)

and the operation to decrypt the cryptogram Ck to the
data M using a crypt key K is expressed as:

M = D (Ck, K).

The digital signature system is a technique applying the
public-key system. In this system, a transfer source turns the
data M to a hash value Hm by hash function
such as MD 5. Using a private-key Kv, the hash value
Hm is encrypted to ChmKv and is transferred together
-Charging-

[illegible]

The method to charge a fee [illegible]

-Storing of Keys-

In first to fourth embodiments [illegible] user
information [illegible] prepares a user label and
transmits it to the user. The user stores the user label,
and a user's public-key, user's private-key and a
public-key of [illegible] card or a PC card, while it is
also possible to store in a [illegible]

In the following, description will be given on a system
[illegible] digital data other than copyrighted data,
requiring confidentiality, certainty and reliability of
[illegible] dealing contents, etc. such as electronic
commerce data or digital cash data, and the present
invention can also be applied to these digital data.

In the network system using crypt key, an entity to
store the crypt key and an entity to [illegible] in the
embodiment [illegible] a single entity, i.e.
data management center, serves as all of these.
-Label-

In the present invention, labels are used to [illegible]
copyright of the data and to execute [illegible].
Description will be given on the labels, referring to
[illegible].

In this system, a user label of the user is used. In the
user label, information of the label owner is
described as shown in Fig. 1A. In case the label
owner has the original copyright, information relating
to the original copyrighted data is added as shown in
Fig. 1B. In case the copyrighted data is an edited
copyrighted data obtained by editing the original
copyrighted data, information relating to the data of
[illegible], information of edit tool and editing data
(editing scenario) are further added as shown in Fig. 1C.
[illegible] the edit tool information as shown in Fig. 1D.

Of these labels, the label where only information of the
label owner as shown in Fig. 1A is described
is referred as "user label", the label with information
relating copyrighted data as shown in Fig. 1B is referred
as "copyright label", and the label with information of the
[illegible] is referred as "edit label" as shown in
[illegible].

The user label is generated by the data management
center according to the information of the user
[illegible] the system. The copyright label is
generated by the data management center when the
author of the data presents the content to the data
management center. The edit label is generated by the data
management center [illegible] user label and the
scenario to the data management center. These are
transferred to [illegible] the data management
[illegible]






-Encrypting-

Figs. 2A, 2B, 2C and 2D each represents relationship
between copyright label and copyrighted data.

In the copyright label and copyrighted data
corresponding to the label, the copyright label is separated
from header of the data as shown in Fig. 2A, or is
integrated into the header as shown in Fig. 2B, or is
bonded to the header as shown in Fig. 2C.

[illegible] copyright label is [illegible] to the header,
[illegible] extended label arrangement, in
which a plurality of copyright labels are combined
together as shown in Fig. 2D. In case wherein
integrated as shown in Fig. 2B, if the [illegible]
single header which is limited in capacity. In the
extended label arrangement by combining a plurality of
[illegible] it exceeds the limit of packet size on
Internet and this causes difficulty in distribution.

There is a case where the copyright label is
encrypted and used as shown in Fig. 3A [illegible]
Fig. 3B. In these figures, square framed portions show
[illegible] copyrighted [illegible] is encrypted. Even in
case where the copyright label is not encrypted, the
copyright labels other than the finally added copyright
label are encrypted in the extended label arrangement
[illegible] which crypt key of the copyright labels
[illegible] encrypted is [illegible] in the copyright
label [illegible] later as shown in Fig. 3C and Fig. 3D.
By this arrangement, it is possible to confirm the content
of the previously added copyright labels.
[illegible] is decrypted to protect the copyright
[illegible] encryption and decryption are [illegible]
burden on [illegible]. In case the data to [illegible]
composed of characters, the burden of encryption and
decryption is not so [illegible], but in case the data to be
encrypted or decrypted is audio data or picture data,
[illegible] be enormous. For this reason, even
in case high speed crypt algorithm is used, [illegible] special
type computer such as super-parallel type [illegible]
rather [illegible] generally used personal
computers, at present, it is not practical in software to
encrypt or decrypt the data other than text data, i.e.
moving picture data in real-time by software.

Description will be given now on an arrangement of
encryption and decryption of data referring to Figs. 4A,
4B, 4C, 4D, 4E, 4F and 4G. In these figures, square
framed portions are the portions to be encrypted.

Fig. 4A shows a method to use cryption in principle.
Only data body, overwhelmingly larger compared with a
header portion, is encrypted, and the data header to be
used to recognize the data is not encrypted. In this
arrangement, the burden of encryption and decryption
is very high.

In contrast, there is a method to encrypt the data
header portion, without encrypting the data body portion
as shown in Fig. 4B. In this case, if the entire header is
encrypted, the data cannot be recognized. Hence, a
part of the header is not encrypted.

As a method to reduce the burden in the arrangement
of Fig. 4A, only the forward portion of the data
body can be encrypted as shown in Fig. 4C. In this
arrangement, it is only a part of the data body which
is to be encrypted or decrypted, and the burden of
encryption and decryption is extremely reduced.

Fig. 4D shows the case where the effect by the
arrangement of Fig. 4C is increased more, and a plurality
of encrypted portions are provided in the data body.

Fig. 4E shows a method called SKIP (Simple
Key-management for Internet Protocols). Here, data body is
encrypted, and a part of the header is encrypted,
whereby crypt key for decrypting the data body is
placed in the encrypted portion in the header. In this
arrangement, it is extremely difficult to cryptanalyze
because two pieces of cryption must be decrypted.

However, in case of the arrangement shown in Fig.
4E, the entire data body is encrypted, and the burden of
encryption and decryption is very high as in the case of
the arrangement shown in Fig. 4A. If the arrangement of
Fig. 4E is combined with the arrangement of
Fig. 4C and only the forward portion of the data body is
encrypted as shown in Fig. 4F, the burden of encryption
and decryption is extremely reduced because it is
necessary to encrypt or decrypt only a part of the data.

In the arrangement of Fig. 4E, if a plurality of
encrypted portions are provided in the data body as
shown in Fig. 4G combining with the arrangement of
Fig. 4D, the effect is increased more.
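
The Fig. 4F arrangement as the text describes it, in an added sketch that is not code from the patent: part of the header stays readable, the key for the data body sits in the encrypted part of the header, and only the forward portion of the body goes through the cipher. The byte layout, field sizes, sample file name and the functions pack, split, unpack and report are assumptions, and a SHAKE-256 XOR keystream stands in for a real cipher.

```python
import hashlib
import secrets
import struct

KEY_LEN = 16

def xor_stream(data, key):
    """Stand-in cipher: XOR with a SHAKE-256 keystream (same call encrypts and decrypts)."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def pack(name, body, ks, forward):
    """Layout: clear header part | encrypted header part | body, forward portion encrypted."""
    k_body = secrets.token_bytes(KEY_LEN)                 # key used only for this data body
    n = min(forward, len(body))
    clear_hdr = struct.pack(">H", len(name)) + name       # readable, so the data can be recognized
    enc_hdr = xor_stream(k_body + struct.pack(">I", n), ks)   # body key carried in the header
    return clear_hdr + enc_hdr + xor_stream(body[:n], k_body) + body[n:]

def split(blob):
    """Return (clear name, encrypted header part, stored body) without using any key."""
    (name_len,) = struct.unpack_from(">H", blob, 0)
    hdr_end = 2 + name_len + KEY_LEN + 4
    return blob[2:2 + name_len], blob[2 + name_len:hdr_end], blob[hdr_end:]

def unpack(blob, ks):
    """Decrypt the header part with Ks, then the forward portion with the recovered body key."""
    name, enc_hdr, body = split(blob)
    hdr = xor_stream(enc_hdr, ks)
    k_body, (n,) = hdr[:KEY_LEN], struct.unpack(">I", hdr[KEY_LEN:])
    n = min(n, len(body))
    return name, xor_stream(body[:n], k_body) + body[n:]

def report(body, forward):
    """Pack a constructed body and report what the layout protects and what it leaves exposed."""
    ks = secrets.token_bytes(KEY_LEN)
    blob = pack(b"clip.mpg", body, ks, forward)
    name, _, stored = split(blob)
    n = min(forward, len(body))
    wrong = unpack(blob, secrets.token_bytes(KEY_LEN))[1]
    return {
        "name_readable_without_key": name,
        "encrypted_bytes": KEY_LEN + 4 + n,               # work done by the cipher
        "head_hidden": stored[:n] != body[:n],
        "clear_tail": stored[n:] == body[n:],             # everything past the forward portion
        "roundtrip": unpack(blob, ks)[1] == body,
        "wrong_key_recovers_head": wrong[:n] == body[:n],
    }

if __name__ == "__main__":
    sample = bytes(range(256)) * 8                        # constructed 2048-byte body
    print(report(sample, 64))
```

The saving in cipher work comes at the cost of the tail: whatever lies beyond the forward portion is stored as-is, so the forward portion has to cover whatever makes the data unusable without it.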

Description regarding an encryption/decryption
structure of data having general file form will be given
referring to Figs. 5A, 5B and 5C. In these figures,
square framed portions are to be encrypted.

Data having general file form consists of data body
portion and data header portion, and further, copyright
label connecting with or relating to, according to the
present invention. Fig. 5A shows a method to use
cryption [illegible] copyright label and data header are
not encrypted, and similar to the arrangement of Fig. 4A,
the burden of encryption and decryption is very high.

In contrast, there is a method to encrypt the data
header portion without encrypting the data body portion
as shown in Fig. 5B. In this case, if the entire header is
encrypted, the data cannot be recognized. Hence, a
part of the header is not encrypted. In this case, the
copyright label also is not encrypted.

There is another method to encrypt the copyright
label without encrypting the data body and data header
portions as shown in Fig. 5C. In this case also, if the
[illegible] which corresponds to the copyright label
cannot be recognized, [illegible] of the copyright label
is not [illegible]

[illegible] is a method of so-called object oriented
programming performing various processings by
[illegible] general file form of [illegible]. The object
has basic conceptual structure as shown in Fig. 6A.
A storing portion called as "slot" in an envelope called
as "instance" accommodates data called as "instance
variable". The slot is [illegible] referring, processing,
binding and so on, and the instance variable can be
referred to or operated only via "method". This function
is called as "encapsulation". Instruction from outside to
make the "method" [illegible] the instance [illegible]
is called as "message".

This means, in another view, the instance variable
[illegible] is protected by the "method". Then
[illegible] for encrypting "method" and allowing
the instance variable to be referred to or operated
[illegible] also, similarly [illegible] "method" is
encrypted, it is impossible to [illegible].
In Fig. 6B, square framed portion is encrypted.

[1st Embodiment]

Description will be given on a first embodiment
referring to Fig. 7. To explain the principle, description
is given first on a case where a user transfers original
copyrighted data to the next user without editing it. The
case where the user edits the original copyrighted data
will be [illegible]. Practically, the case where the
original copyrighted data is not edited is combined with
the case where the original copyrighted data is edited,
and carried out as explained in the [illegible]
embodiment. In the system of the present embodiment,
secret-key and public-key & private-key are used.
Therefore, an entity to [illegible] center of the data
[illegible]

(1) An original author (data owner) A presents an
original copyright label L0 and requests the data
management center Cd to distribute an original
secret-key Ks0. The original author may transfer or
deposit the original copyrighted data to an information
provider (IP) or to database so that the information
provider or the database can play a role of the
original author. It is also possible that the original
author A stores the original secret-key Ks0 and
encrypts the original copyrighted data M0 without
depending on the data management center Cd,
while the original secret-key Ks0 must be stored at
the data management center Cd to utilize the
original copyrighted data M0 by the user (data user).

(2) When the distribution of the original secret-key
Ks0 is requested, the data management center Cd
encrypts the original secret-key Ks0 corresponding
to the original copyright label L0 using a public-key
Kba of the original author A:

Cks0kba = E (Ks0, Kba)

and distributes the encrypted original secret-key
Cks0kba together with the original copyright label
L0 to the original author A.

The secret-key is, hereafter, encrypted by a
public-key of a distributed destination in order to be
decrypted only by the distributed destination.

In this case, the data management center Cd
performs one-way hash on the original copyright
label L0 using algorithm such as MD 5 and
prepares an original copyright label fingerprint F0, e.g.
the one having 16-byte data, and distributes it to the
original author A. Thereafter, this electronic
fingerprint is transferred together with the copyrighted
data.

(3) When the encrypted original secret-key
Cks0kba is distributed, the original author A
decrypts the encrypted original secret-key Cks0kba
using the private-key Kva of the original author A:

Ks0 = D (Cks0kba, Kva),

encrypts the original copyrighted data M0 using the
decrypted original secret-key Ks0:

Cm0ks0 = E (M0, Ks0),

and transfers the encrypted original copyrighted
data Cm0ks0, the original copyright label L0 and
the original copyright label fingerprint F0 to a first
user U1.

(4) When the encrypted original copyrighted data
Cm0ks0, the original copyright label L0 and the
original copyright label fingerprint F0 are
transferred, the first user U1 presents the original
copyright label L0, the original copyright label fingerprint
F0 and first user label Lu1, and requests the data
management center Cd to distribute the original
secret-key Ks0 and a first secret-key Ks1.
(5) When requested to distribute the original secret-key
Ks0 and the first secret-key Ks1, the data
management center Cd confirms validity of the
presented original copyright label L0 by the original
copyright label fingerprint F0, and registers the first
user label Lu1. At the same time, the original
secret-key Ks0 corresponding to the original
copyright label L0 and the first secret-key Ks1
corresponding to the first user label Lu1 are encrypted
using public-key Kb1 of the first user U1:

Cks0kb1 = E (Ks0, Kb1)

Cks1kb1 = E (Ks1, Kb1)

and distributes the encrypted original secret-key
Cks0kb1 and the encrypted first secret-key
Cks1kb1 to the first user U1.

(6) When the encrypted original secret-key
Cks0kb1 and the encrypted first secret-key
Cks1kb1 are distributed, the first user U1 decrypts
the encrypted original secret-key Cks0kb1 and the
encrypted first secret-key Cks1kb1 using
private-key Kv1 of the first user U1:

Ks0 = D (Cks0kb1, Kv1)

Ks1 = D (Cks1kb1, Kv1),

decrypts the encrypted original copyrighted data
Cm0ks0 using the decrypted original secret-key Ks0:

M0 = D (Cm0ks0, Ks0)

and the decrypted original copyrighted data M0 is
utilized. In case the original copyrighted data M0 is
[illegible]

Cm0ks1 = E (M0, Ks1),

[illegible] copied as the encrypted original
copyrighted data Cm0ks1. [illegible] original copyright
[illegible] transferred to a second user [illegible]
key Ks1 and is transferred as the encrypted original
copyrighted data Cm0ks1, together with the original
copyright label L0, the original copyright label
fingerprint F0 and the first user label Lu1.

Each user may put signature, in which one-way
hash value of the user's label is encrypted
using the user's private-key, on the user's label to be
presented to the data management center Cd.
The data management center decrypts the
encrypted one-way hash value using the user's
public-key, calculates the one-way hash value of the
label and compares the two one-way hash values in
order to verify the validity of each user's label.

(7) When the encrypted original copyrighted data
Cm0ks1, the original copyright label L0, the original
copyright label fingerprint F0 and the first user label
Lu1 are transferred, the second user U2 presents
the original copyright label L0, the original copyright
label fingerprint F0, the first user label Lu1 and
second user label Lu2, and requests the data
management center Cd to distribute the first secret-key Ks1
and second secret-key Ks2.

(8) When requested to distribute the first secret-key
Ks1 and the second secret-key Ks2, the data
management center Cd confirms validity of the original
copyright label L0 and the first user label Lu1 by the
original copyright label fingerprint F0.

When it is confirmed that the first user label
Lu1 is valid, the data management center Cd
registers the second user label Lu2 and encrypts the first
secret-key Ks1 corresponding to the first user label
Lu1 and the second secret-key Ks2 corresponding
to the second user label Lu2 using public-key Kb2
of the second user U2:
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Cks1kb2 = E(Ks1, Kb2) 

Cks2kb2 = E (Ks2, Kb2) 

and distributes the encrypted first secret-key Cks1kb2 
and the encrypted second secret-key Cks2kb2 to the 
second user U2. 

(9) When the encrypted first secret-key Cks1kb2 and the
encrypted second secret-key Cks2kb2 are distributed, the
second user U2 decrypts the encrypted first secret-key
Cks1kb2 and the encrypted second secret-key Cks2kb2 using
private-key Kv2 of the second user U2:

Ks1 = D (Cks1kb2, Kv2)

Ks2 = D (Cks2kb2, Kv2),

decrypts the encrypted original copyrighted data Cm0ks1
using the decrypted first secret-key Ks1:

M0 = D (Cm0ks1, Ks1)

and utilizes the decrypted original copyrighted data M0.

In case the original copyrighted data M0 is to be stored
or copied, it is encrypted using the decrypted second
secret-key Ks2 and the encrypted original copyrighted data
Cm0ks2 is stored or copied. In case the original
copyrighted data M0 is to be transferred to a third user
U3, it is encrypted using the decrypted second secret-key
Ks2 and the encrypted original copyrighted data Cm0ks2 is
transferred to the third user U3 together with the
original copyright label L0, the original copyright label
fingerprint F0, the first user label Lu1 and the second
user label Lu2.

(10) When the encrypted original copyrighted data Cm0ks2
is transferred together with the original copyright label
L0, the original copyright label fingerprint F0, the first
user label Lu1 and the second user label Lu2, the third
user U3 presents the original copyright label L0, the
original copyright label fingerprint F0, the first user
label Lu1, the second user label Lu2 and third user label
Lu3, and requests the data management center Cd to
distribute the second secret-key Ks2 and third secret-key
Ks3.

(11) When requested to distribute the second secret-key
Ks2 and the third secret-key Ks3, the data management
center Cd confirms whether the original copyright label
L0, the first user label Lu1 and the second user label Lu2
are valid or not using the original copyright label
fingerprint F0.

When it is confirmed that the second user label Lu2 is
valid, the data management center Cd registers the third
user label Lu3 and encrypts the second secret-key Ks2
corresponding to the second user label Lu2 and third
secret-key Ks3 corresponding to the third user label Lu3
respectively using public-key Kb3 of the third user U3:

Cks2kb3 = E (Ks2, Kb3)

Cks3kb3 = E (Ks3, Kb3).

Then, the encrypted second secret-key Cks2kb3 and the
encrypted third secret-key Cks3kb3 are distributed to the
third user U3.

(12) When the encrypted second secret-key Cks2kb3 and the
encrypted third secret-key Cks3kb3 are distributed, the
third user U3 decrypts the encrypted second secret-key
Cks2kb3 and the encrypted third secret-key Cks3kb3 using
private-key Kv3 of the third user U3:

Ks2 = D (Cks2kb3, Kv3)

Ks3 = D (Cks3kb3, Kv3)

and decrypts the encrypted original copyrighted data
Cm0ks2 using the decrypted second secret-key Ks2:

M0 = D (Cm0ks2, Ks2),

thus utilizes the decrypted original copyrighted data M0.

In case the original copyrighted data M0 is to be stored
or copied, it is encrypted using the decrypted third
secret-key Ks3, and the encrypted original copyrighted
data Cm0ks3 is stored or copied. In case the original
copyrighted data M0 is to be transferred to a fourth user
U4, it is encrypted using the decrypted third secret-key
Ks3, and encrypted original copyrighted data Cm0ks3 is
transferred to the fourth user U4 together with the
original copyright label L0, the first user label Lu1, the
second user label Lu2 and the third user label Lu3.

Then, the same operation is repeated. 
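The center-side bookkeeping of steps (4) to (12) above, as an added example that is not part of the patent text: the center checks the presented labels against stored fingerprints, hands out the previous holder's key for decryption and a fresh key for re-encryption, and logs every request. Assumptions of this sketch: SHA-256 as the one-way hash, an HMAC-based stand-in for E and D, keys indexed by the chain of label fingerprints, no public-key wrapping of the distributed keys, and hypothetical names throughout.

```python
import hashlib
import hmac
import secrets

# Constructed sample labels and data (not taken from the page).
L0 = b"L0|author=A|title=constructed sample work"
LU1 = b"Lu1|user=U1"
LU2 = b"Lu2|user=U2"
M0 = b"original copyrighted data M0 (constructed sample)"


def fingerprint(label: bytes) -> bytes:
    """One-way hash of a label, e.g. F0 = H(L0). SHA-256 is this example's choice."""
    return hashlib.sha256(label).digest()


def _subkeys(ks: bytes):
    # Separate encryption and MAC keys derived from the distributed secret-key.
    return (hmac.new(ks, b"enc", hashlib.sha256).digest(),
            hmac.new(ks, b"mac", hashlib.sha256).digest())


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = [hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
              for ctr in range((n + 31) // 32)]
    return b"".join(blocks)[:n]


def E(m: bytes, ks: bytes) -> bytes:
    """Stand-in for E(M, Ks): HMAC-SHA256 keystream plus MAC, for demonstration only."""
    ke, km = _subkeys(ks)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(m, _keystream(ke, nonce, len(m))))
    return nonce + ct + hmac.new(km, nonce + ct, hashlib.sha256).digest()


def D(c: bytes, ks: bytes) -> bytes:
    """Stand-in for D(C, Ks); raises ValueError on a wrong key or altered ciphertext."""
    ke, km = _subkeys(ks)
    nonce, ct, tag = c[:16], c[16:-32], c[-32:]
    if not hmac.compare_digest(tag, hmac.new(km, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified ciphertext")
    return bytes(a ^ b for a, b in zip(ct, _keystream(ke, nonce, len(ct))))


class DataManagementCenter:
    """Center Cd: stores label fingerprints and per-holder keys, never the data itself."""

    def __init__(self):
        self.keys = {}   # (F0, H(Lu1), ...) -> secret-key of the last holder in the chain
        self.audit = []  # one entry per key request: the label chain that was registered

    def register_original(self, l0: bytes):
        f0 = fingerprint(l0)
        return f0, self.keys.setdefault((f0,), secrets.token_bytes(32))

    def request_keys(self, l0, f0, prior_user_labels, new_user_label):
        """Return (key to decrypt the received copy, key to re-encrypt before storing)."""
        if not hmac.compare_digest(fingerprint(l0), f0):
            raise PermissionError("L0 does not match fingerprint F0")
        chain = (f0,) + tuple(fingerprint(l) for l in prior_user_labels)
        if chain not in self.keys:
            raise PermissionError("presented label chain is not registered")
        new_chain = chain + (fingerprint(new_user_label),)
        ks_new = self.keys.setdefault(new_chain, secrets.token_bytes(32))
        self.audit.append(new_chain)
        return self.keys[chain], ks_new


def run_first_embodiment():
    cd = DataManagementCenter()
    f0, ks0 = cd.register_original(L0)                    # author A obtains Ks0
    cm0ks0 = E(M0, ks0)                                   # author sends Cm0ks0 to U1
    k_dec_u1, ks1 = cd.request_keys(L0, f0, [], LU1)      # steps (4)-(5)
    cm0ks1 = E(D(cm0ks0, k_dec_u1), ks1)                  # step (6): re-encrypt under Ks1
    k_dec_u2, ks2 = cd.request_keys(L0, f0, [LU1], LU2)   # steps (7)-(8)
    m_at_u2 = D(cm0ks1, k_dec_u2)                         # step (9)
    return {"cd": cd, "f0": f0, "ks0": ks0, "ks1": ks1, "ks2": ks2,
            "k_dec_u1": k_dec_u1, "k_dec_u2": k_dec_u2,
            "cm0ks1": cm0ks1, "m_at_u2": m_at_u2}


if __name__ == "__main__":
    r = run_first_embodiment()
    print("U2 recovered M0:", r["m_at_u2"] == M0)
    print("key requests seen by the center:", len(r["cd"].audit))
```

A label that was altered in transit changes the fingerprint chain, so the center refuses the key request, and a copy stored under Ks1 cannot be opened with Ks0.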



[2nd Embodiment] 

Description will be given on a second embodiment
in which the key used to encrypt the copyrighted data is
sent separately from the key used for decrypting the
copyrighted data, referring to Fig. 8. In the second
embodiment, handling of keys, relationship between the
original author, the information provider and the users
as well as handling of labels are the same as in the first
embodiment, and detailed description is not given here.

(1) The original author A presents the original copyright
label L0 and requests the data management center Cd to
distribute original secret-key Ks0.

(2) When requested to distribute the original secret-key
Ks0, the data management center Cd prepares an original
copyright label fingerprint F0 from the original copyright
label L0, and encrypts the original secret-key Ks0
corresponding to the original copyright label L0 using
public-key Kba of the original author A:

Cks0kba = E (Ks0, Kba),

and distributes the encrypted original secret-key
Cks0kba together with the original copyright label
L0 to the original author A.

(3) When the encrypted original secret-key Cks0kba is
distributed, the original author A decrypts the encrypted
original secret-key Cks0kba using private-key Kva of the
original author A:

Ks0 = D (Cks0kba, Kva)

and encrypts the original copyrighted data M0
using the decrypted original secret-key Ks0:

Cm0ks0 = E (M0, Ks0).

Then, the encrypted original copyrighted data Cm0ks0, the
original copyright label L0 and the original copyright
label fingerprint F0 are transferred to the first user U1.

(4) When the encrypted original copyrighted data Cm0ks0,
the original copyright label L0 and the original copyright
label fingerprint F0 are transferred, the first user U1
presents the original copyright label L0, the original
copyright label fingerprint F0 and first user label Lu1,
and requests the data management center Cd to distribute
the original secret-key Ks0.

(5) When requested to distribute the original secret-key
Ks0, the data management center Cd confirms validity of
the presented original copyright label L0 using the
original copyright label fingerprint F0 and registers the
first user label Lu1. At the same time, the original
secret-key Ks0 corresponding to the original copyright
label L0 is encrypted using public-key Kb1 of the first
user U1:

Cks0kb1 = E (Ks0, Kb1)

and the encrypted original secret-key Cks0kb1 is
distributed to the first user U1.

(6) When the encrypted original secret-key Cks0kb1 is
distributed, the first user U1 decrypts the encrypted
original secret-key Cks0kb1 using private-key Kv1 of the
first user U1:

Ks0 = D (Cks0kb1, Kv1),

decrypts the encrypted original copyrighted data
Cm0ks0 using the decrypted original secret-key Ks0:

M0 = D (Cm0ks0, Ks0),

and utilizes the decrypted original copyrighted data M0.

(7) In case the original copyrighted data M0 is to be
stored or copied, the original copyright label L0 and
the original copyright label fingerprint F0, and the
first user label Lu1 are presented again, and the
distribution of the first secret-key Ks1 is requested
to the data management center Cd.

(8) When requested to distribute the first secret-key Ks1,
the data management center Cd confirms validity of the
presented first user label Lu1 using the original
copyright label fingerprint F0 and encrypts the first
secret-key Ks1 corresponding to the registered first user
label Lu1 using public-key Kb1 of the first user U1:

Cks1kb1 = E (Ks1, Kb1)

and distributes the encrypted first secret-key
Cks1kb1 to the first user U1.

(9) When the encrypted first secret-key Cks1kb1 is
distributed, the first user U1 decrypts the encrypted
first secret-key Cks1kb1 using private-key Kv1 of
the first user U1:

Ks1 = D (Cks1kb1, Kv1)

and encrypts the original copyrighted data M0
using the decrypted first secret-key Ks1:

Cm0ks1 = E (M0, Ks1).

Then, the encrypted original copyrighted data Cm0ks1 is
stored or copied. In case the original copyrighted data M0
is to be transferred to the second user U2, it is
encrypted using the decrypted first secret-key Ks1, and
the encrypted original copyrighted data Cm0ks1 is
transferred together with the original copyright label L0,
the original copyright label fingerprint F0, and the first
user label Lu1.

(10) When the encrypted original copyrighted data Cm0ks1,
the original copyright label L0, the original copyright
label fingerprint F0 and the first user label Lu1 are
transferred, the second user U2 presents the original
copyright label L0, the original copyright label
fingerprint F0, the first user label Lu1, and the second
user label Lu2, and requests the data management center Cd
to distribute the first secret-key Ks1.

(11) When requested to distribute the first secret-key
Ks1, the data management center Cd confirms validity of
the original copyright label L0 and the first user label
Lu1 using the original copyright label fingerprint F0.

When it is confirmed that the first user label Lu1 is
valid, the data management center Cd registers the second
user label Lu2, encrypts the first secret-key Ks1
corresponding to the first user label Lu1 using public-key
Kb2 of the second user:

Cks1kb2 = E (Ks1, Kb2)

and distributes the encrypted first secret-key Cks1kb2
to the second user U2.

(12) When the encrypted first secret-key Cks1kb2 is
distributed, the second user U2 decrypts the encrypted
first secret-key Cks1kb2 using private-key Kv2 of the
second user U2:

Ks1 = D (Cks1kb2, Kv2),

decrypts the encrypted original copyrighted data
Cm0ks1 using the decrypted first secret-key Ks1:

M0 = D (Cm0ks1, Ks1)

and utilizes the decrypted original copyrighted data M0.

(13) In case the original copyrighted data M0 is to be
stored or copied, the original copyright label L0, the
original copyright label fingerprint F0, the first user
label Lu1 and the second user label Lu2 are presented
again, and the distribution of second secret-key Ks2 is
requested to the data management center Cd.

(14) When requested to distribute the second secret-key
Ks2, the data management center Cd confirms validity of
the presented second user label Lu2 using the original
copyright label fingerprint F0 and encrypts the second
secret-key Ks2 corresponding to the registered second user
label Lu2 using public-key Kb2 of the second user U2:

Cks2kb2 = E (Ks2, Kb2)

and distributes the encrypted second secret-key
Cks2kb2 to the second user U2.

(15) When the encrypted second secret-key Cks2kb2 is
distributed, the second user U2 decrypts the encrypted
second secret-key Cks2kb2 using private-key Kv2 of the
second user U2:

Ks2 = D (Cks2kb2, Kv2),

encrypts the original copyrighted data M0 using the
decrypted second secret-key Ks2:

Cm0ks2 = E (M0, Ks2),

and stores or copies it as the encrypted original
copyrighted data Cm0ks2. In case the original copyrighted
data M0 is to be transferred to the third user U3, it is
encrypted using the decrypted second secret-key Ks2, and
is transferred as the encrypted original copyrighted data
Cm0ks2 together with the original copyright label L0, the
original copyright label fingerprint F0, the first user
label Lu1, and the second user label Lu2 to the third user
U3.

(16) When the encrypted original copyrighted data Cm0ks2
is transferred together with the original copyright label
L0, the original copyright label fingerprint F0, the first
user label Lu1 and the second user label Lu2, the third
user U3 presents the original copyright label L0, the
original copyright label fingerprint F0, the first user
label Lu1, the second user label Lu2 and the third user
label Lu3 and requests the data management center Cd to
distribute the second secret-key Ks2.

(17) When requested to distribute the second secret-key
Ks2, the data management center Cd confirms whether the
original copyright label L0, the first user label Lu1 and
the second user label Lu2 are valid or not using the
original copyright label fingerprint F0.

When it is confirmed that the second user label Lu2 is
valid, the data management center Cd registers the third
user label Lu3, encrypts the second secret-key Ks2
corresponding to the second user label Lu2 using
public-key Kb3 of the third user U3:

Cks2kb3 = E (Ks2, Kb3)

and distributes the encrypted second secret-key
Cks2kb3 to the third user U3.

(18) When the encrypted second secret-key Cks2kb3 is
distributed, the third user U3 decrypts the encrypted
second secret-key Cks2kb3 using private-key Kv3 of the
third user U3:

Ks2 = D (Cks2kb3, Kv3),

decrypts the encrypted original copyrighted data
Cm0ks2 using the decrypted second secret-key Ks2:

M0 = D (Cm0ks2, Ks2)

and utilizes the decrypted original copyrighted data M0.

(19) In case the original copyrighted data M0 is stored
and copied, the original copyright label L0, the original
copyright label fingerprint F0, the first user label Lu1,
the second user label Lu2 and the third user label Lu3 are
presented again, and the distribution of the third
secret-key Ks3 is requested to the data management center
Cd.

(20) When requested to distribute the third secret-key
Ks3, the data management center Cd confirms validity of
the presented third user label Lu3 using the original
copyright label fingerprint F0. The third secret-key Ks3
corresponding to the registered third user label Lu3 is
encrypted using public-key Kb3 of the third user U3:

Cks3kb3 = E (Ks3, Kb3)

and the encrypted third secret-key Cks3kb3 is
distributed to the third user U3.

(21) When the encrypted third secret-key Cks3kb3 is
distributed, the third user U3 decrypts the encrypted
third secret-key Cks3kb3 using private-key Kv3 of the
third user U3:

Ks3 = D (Cks3kb3, Kv3),

encrypts the original copyrighted data M0 using the
decrypted third secret-key Ks3:

Cm0ks3 = E (M0, Ks3)

and stores and copies it as the encrypted original
copyrighted data Cm0ks3. In case the original copyrighted
data M0 is to be transferred to the fourth user U4, it is
encrypted using the decrypted third secret-key Ks3 and is
transferred to the fourth user U4 together with the
original copyright label L0, the original copyright label
fingerprint F0, the first user label Lu1, the second user
label Lu2 and the third user label Lu3.

Then, the same operation is repeated.

In the above-mentioned embodiment, only the keys [...]
keys for decryption [...] embodiment [...] in the second
[...]

[3rd Embodiment]

[...] and transfers it to the next user, referring to
Fig. 9 and [...]

The edit processing of the copyrighted data [...] formed
by [...] the edited copyright[...] expressed by [...]
data, the information of the [...] tool [...] editing
process data.

Description on editing digital data will be [...] program
(edit tool) and thereby [...]

In other words, unless the original [...] edit [...] to
reproduce the edited data [...] data from single [...]
there are a [...] in which [...] a case [...] data {A + X}
is obtained by adding data X to the original data A by a
user; a case in which edited data {A"} is obtained by
dividing the original data A into original data elements
A1, A2, [...] and changing the arrangement of the [...]
change of arrangement, combination of the original [...]
and combination of [...] the user data arise respectively
a secondary exploitation right as a secondary copyright
[...] original [...] user [...] in the data X added by
[...] arrangements; and a case in which edited data {A1 +
B1 + C1 + X1 + + A2 + B2 + C2 + X2 + + A3 + B3 + C3 + X3 +
} is obtained by dividing the original data A, B, C into
original data elements A1, A2 [...]

Also in these cases, combination of a plurality of [...]
data, combination of a plurality of original data [...]
division [...] of original data [...] of the elements, and
combination of [...] divided plurality of original data
[...] user data arise [...] right as a second[...]
copyright which is necessary to be protected. Also, [...]
by using a plurality of original data A, B and C. This
[...] is known as the cut-and-paste technique in [...] and
c from original data A, B and C and attach-

Further, there is a data linkage technique which links a
plurality of data objects. In this data linkage technique,
an object linkage part is arranged in a "slot" of a data
object referred to as a "pad". The "pad" is linked with
another pad by the "slot", the operation of which is
called "slot connection", so that the objects are linked
with each other. Inter-relationship of a plurality of
objects linked in this way is represented by a tree
structure, and the tree structure thus represented can be
used for deletion or addition of the object.

While it is clear that original data and user data are
data, the editing process: alteration of original data,
arrangement change of original data, combination of
original data with user data, division of original data
and combination with user data, combination of a plurality
of original data with each other, combination of a
plurality of original data with user data, division and
arrangement change of a plurality of original data, and
combination of divided plurality of original data with
user data, are also data.

When noticing that editing scenario of data, such as
arrangement of original data and process of editing, is
also data, the secondary copyright on edited data can
be protected by managing the user's copyright about
data of editing process in addition to the original
copyright of the author on the original data and the
user's copyright on the user's data.

That is, it is possible to manage the copyrights of edited
data as well as of original data if the edited data is
regarded as being constituted of original data, user data
and editing scenario, and these original data, user data
and editing scenario are managed. In this case, the
editing program used for editing data may be managed by
the data management system of data copyrights, if
necessary.

While the above data editing of original data can be
performed by using an editing program corresponding
to the original data, by handling the original data as
object-oriented software which has recently been
focused on, it is possible to facilitate further editing
of data and manage more preferably copyrights of data.
Moreover, by adopting agent-oriented software, a user
can synthesize data with little labor.

The agent-oriented software, unlike the conventional one,
is a program having autonomy, flexibility and
cooperativeness, which is able to meet a user's request
with its characteristics of autonomy, flexibility and
cooperativeness in accordance with only a general
instruction of the user without specifically giving every
operation instruction to the software.

By incorporating the agent program into a basic system of
a data copyright management system so that the database
utilization of a user is watched, and by arranging that
information including data utilization condition and
charging is collected at the database or the copyright
management center using metering function placed in user
terminal, it is possible to know the database utilization
condition of the user at the database side or the
copyright management center side and achieve more accurate
copyright management. These agent program and its data are
also necessary to be protected in copyrights, and
therefore, are encrypted like original data.

In this third embodiment shown in Fig. 10, the copyright
label in the first and the second embodiments already
described, added with the editing scenario, is called
"edit label", and this is treated in the same manner as
the copyright label in the first embodiment. The
handling of keys, relationship between the original
author, the information provider, and the user, as well as
the handling of labels are the same as in the first
embodiment, and detailed description is not given here.

(1) The original author A presents the original copyright
label L0 and requests the data management center Cd to
distribute original secret-key Ks0.

(2) When requested to distribute the original secret-key
Ks0, the data management center Cd encrypts the original
secret-key Ks0 corresponding to the original copyright
label L0 using public-key Kba of the original author A:

Cks0kba = E (Ks0, Kba)

and distributes the encrypted original secret-key
Cks0kba together with the original copyright label
L0 to the original author A.

In this case, the data management center Cd performs
one-way hash to the original copyright label L0 using
algorithm such as MD5, for example, to 16-byte data
amount, prepares an original copyright label fingerprint
F0, and distributes it to the original author A. This
electronic fingerprint is prepared on each of the original
copyrighted data and edited copyrighted data each time the
original copyrighted data is edited and edited copyrighted
data is obtained and is transferred, together with the
copyrighted data.

(3) When the encrypted original secret-key Cks0kba is
distributed, the original author A decrypts the encrypted
original secret-key Cks0kba using private-key Kva of the
original author A:

Ks0 = D (Cks0kba, Kva),

encrypts the original copyrighted data M0 using the
decrypted original secret-key Ks0:

Cm0ks0 = E (M0, Ks0)

and transfers the encrypted original copyrighted data
Cm0ks0, the original copyright label L0 and the original
copyright label fingerprint F0 to the first user U1.

(4) When the encrypted original copyrighted data Cm0ks0,
the original copyright label L0 and the original copyright
label fingerprint F0 are transferred, the first user U1
presents the original copyright label L0, the original
copyright label fingerprint F0 and first user label Lu1
and requests the data management center Cd to distribute
the original secret-key Ks0.

(5) When requested to distribute the original secret-key
Ks0, the data management center Cd confirms validity of
the presented original copyright label L0 using the
original copyright label fingerprint F0 and registers the
first user label Lu1. At the same time, the original
secret-key Ks0 corresponding to the original copyright
label L0 is encrypted using public-key Kb1 of the first
user U1:

Cks0kb1 = E (Ks0, Kb1)

and the encrypted original secret-key Cks0kb1 is
distributed to the first user U1.

(6) When the encrypted original secret-key Cks0kb1 is
distributed, the first user U1 decrypts the encrypted
original secret-key Cks0kb1 using private-key Kv1 of the
first user U1:

Ks0 = D (Cks0kb1, Kv1),

decrypts the encrypted original copyrighted data
Cm0ks0 using the decrypted original secret-key Ks0:

M0 = D (Cm0ks0, Ks0),

and edits the decrypted original copyrighted data M0
using the edit tool and obtains edited copyrighted data
Me1.

The edited copyrighted data Me1 thus obtained contains
copyright of the first user, who edited the data, and also
copyright of the original author who prepared the original
copyrighted data. The copyright of the original author
relating to the original copyrighted data M0 can be
protected by the original copyright label L0 which has
been registered, the original copyright label fingerprint
F0 and the original secret-key Ks0 corresponding to the
original copyright label L0, and also by the first user
label Lu1 and the first secret-key Ks1 corresponding to
the first user label Lu1. However, because no key for
encrypting the edited copyrighted data Me1 is available,
the secondary copyright of the first user relating to the
edited copyrighted data Me1 is not yet protected.

(7) To protect the secondary copyright of the first user
relating to the edited copyrighted data Me1, the label of
the first user, who is the author of the edited
copyrighted data, and its electronic fingerprinting are
used in the third embodiment.

As already described, the edited copyrighted data can be
expressed by data of the utilized original copyrighted
data, information of the used edit tool and the editing
scenario (editing process data). Accordingly, this
information and data are entered in the first user label,
i.e. the first edit label Le1. Further, to protect
secondary exploitation right as the secondary copyright in
subsequent distribution process, the user U1 presents the
first edit label Le1 to the data management center Cd so
that the secondary copyright of the user U1 is registered.

(8) When the first edit label Le1 is presented, the
data management center Cd confirms validity of the
presented original copyright label L0 using the original
copyright label fingerprint F0 and registers the first
edit label Le1. At the same time, the electronic
fingerprint Fe1 of the first edit label Le1 is prepared,
and first edit secret-key Kse1 corresponding to the
first edit label Le1 is encrypted by public-key Kb1 of
the first user U1 at the data management center:

Ckse1kb1 = E (Kse1, Kb1),

and the encrypted first edit secret-key Ckse1kb1 is
distributed to the first user U1 together with the
electronic fingerprint Fe1 of the first edit label Le1.

(9) When the encrypted first edit secret-key Ckse1kb1 and
the electronic fingerprint Fe1 of the first edit label Le1
are distributed, the first user U1 decrypts the encrypted
first edit secret-key Ckse1kb1 using private-key Kv1 of
the first user U1:

Kse1 = D (Ckse1kb1, Kv1),

encrypts the first edited copyrighted data Me1
using the decrypted first edit secret-key Kse1:

Cme1kse1 = E (Me1, Kse1)

and transfers the encrypted first edited copyrighted
data Cme1kse1 to the second user U2 together with the
first edit label Le1, and the electronic fingerprint Fe1
of the first edit label Le1.

Then, the same operation is repeated.

In the third embodiment, only the first edit label Le1
and the electronic fingerprint Fe1 of the first edit label
Le1 are transferred together with the encrypted first
edited copyrighted data Cme1kse1 when edited data is
transferred, while it is possible to arrange in such
manner that the other labels and electronic fingerprints
can be simultaneously transferred.

In the editing by utilizing a plurality of copyrighted
data as shown in Fig. 9, operation is complicated
because there are a large number of copyrighted data,
and it can be carried out as in the editing process using
a single data. Description is not given here to avoid
lengthy explanation.

In the systems of the first, the second and the third
embodiments described above, the copyrighted data is
encrypted using secret-key, and the secret-key for its
decryption and secret-key for re-encryption used for
storage, copying and transfer are distributed by the data
management center based on the user label presented
by the user.

The secret-key for decryption and the secret-key for
re-encryption are encrypted by the user public-key,
whose validity has been certified by the data management
center in advance. Thus, these secret-keys are
indirectly certified by the data management center.
Because these secret-keys are used to encrypt the copied
data to be transferred, the copyrighted data to be
transferred consequently is also certified by the data
management center. Because certification by the data
management center is of absolute nature, it is a
hierarchical type certification system represented by PEM.

On the other hand, the copyrighted data itself is
transferred between the users without being transferred
to the data management center, and it might well be
said that the certification carried out in this process is
a horizontal distributed type certification system
represented by PGP.

As described above, it is possible by the system of
the embodiments to attain a certification system, which
has high reliability of the hierarchical type
certification system and easiness to handle of the
horizontal distributed type certification system.

The behavior and content of behavior of the users
who utilize the copyrighted data are all identified at the
data management center by the user labels presented
by the users. The utilization including editing of the
copyrighted data is carried out via the data management
center. Thus, the identity of the user can be reliably
confirmed. By confirming the contents and course of
behavior, the contents and history of the copyrighted data
can be certified. If this certification of the contents is
applied to the electronic commerce, it is possible to
certify the contents of dealings by the data management
center, i.e. to perform "electronic notarization".

When digital signature is put on user label or on edit
label, and if computer virus enters the user label or the
edit label, the data of the label changes. As a result,
hash value changes. Therefore, by verifying the digital
signature, it is possible to detect intrusion of computer
virus. Even when digital signature is not given, if turning
to hash value is performed, the user label or the edit
label is made unavailable by the changed hash value,
and intrusion of computer virus can be detected.



[4th Embodiment] 



In case of distributed object system represented by 
license network system, the use of network computer to 
perform only input/output of data and data processing 
and not provided with data storage unit is adopted 
instead of conventional type computer, which pos- 
sesses data storage unit of large capacity. Further the 
use of a network computer similar to a terminal unit of 
large size computer, having only input/output function of 
data and not provided with data processing unit is also 
considered. This network computer does not have data 
storage unit and cannot store or copy the copyrighted 
data. 

Next, description will be given on an embodiment 
which can also be applied to a network computer not 
provided with data storage unit and used in the distrib- 
uted object system. It is needless to say that this 
embodiment is also applicable to an ordinary computer 
provided with data storage unit. 

To protect data copyright, it is necessary to use
some sort of encryption technique to restrict unauthorized
utilization of the copyrighted data. In the first, the
second, and the third embodiments described above, to
protect copyright in a system for an ordinary computer
having data storage unit, encrypted copyrighted data
and labels not encrypted as clues to utilize the
copyrighted data are used.

In contrast, in a system for a network computer 
which has only the function of the above-mentioned ter- 
minal unit, the copyrighted data is not stored, copied or 
transferred, and there is no need to encrypt the copy- 
righted data. 

As already explained in the third embodiment, the
editing of copyrighted data is performed by modifying
the original copyrighted data using the edit tool, and the
edited copyrighted data thus obtained can be
expressed by the utilized original copyrighted data,
information of the used edit tool and the editing scenario.

This is the same in the distributed object system. In
case edited copyrighted data is produced by utilizing the
copyrighted data in the database existing on the
distributed object system, the edited copyrighted data can be
reproduced by specifying the utilized database, the
used original copyrighted data, information of the used
edit tool and the editing scenario. The same applies to
the case where a plurality of copyrighted data obtained
from a single database or a plurality of databases are
utilized.

Description will be given now on the fourth embodiment
referring to Fig. 11.

In this embodiment, the original copyright owner
and the information provider (IP) holding the copyrighted
data are discriminated from the user who does
not hold copyrighted data, and are arranged on the network
side with the data management center and the
like. In the system of this embodiment, public-key and
private-key are used. When original data is transferred
to a user, the original data is encrypted using the
public-key of transferred destination for the purpose of
security.

The first user U1 searches the copyrighted data
and collects necessary copyrighted data utilizing the
network, broadcasting or recording medium. The collected
copyrighted data is stored temporarily on memory of the
user U1. Even when a storage unit is included in the device
of the user U1, the copyrighted data is not stored in the
data storage unit.

When there is an attempt to store, inhibition of storage
of the copyrighted data is performed by destroying the
copyrighted data on memory, changing data header on
memory, turning the data to one-way hash value,
changing file name to non-storable file name, etc.

While it is possible to inhibit the storage by data

S pyri9hted data havin9 ***** 

E£cS2? r ' S aCCOmplished » •» *»Qa inhibition 
is performed by an operating system, which is related to
the entire system or to the user's device.

Description will be given on a case where a plurality
of copyrighted data are utilized in the fourth embodiment.

(1) The first user U1 presents the first user label
Lu1 to the data management center, collects the
original copyrighted data M0i (i = 1, 2, 3, ...)
from data library of the information provider IP in
the system and obtains an edit tool Pe. In this case,
the original copyrighted data M0i and the edit tool
Pe are encrypted using public-key Kb1 of the first
user U1:

Cm0ikb1 = E (M0i, Kb1)
Cpekb1 = E (Pe, Kb1)

and the encrypted original copyrighted data
Cm0ikb1 and the encrypted edit tool Cpekb1 are
distributed to the first user U1.

The first user label Lu1 is referred, and
utilizing conditions of the original copyrighted
data M0i and the edit tool Pe are recorded at the
data management center and are utilized for
charging of a fee.

(2) When the encrypted original copyrighted data
Cm0ikb1 and the encrypted edit tool Cpekb1 are
distributed, the first user U1 decrypts the distributed
encrypted original copyrighted data Cm0ikb1 and
the encrypted edit tool Cpekb1 using private-key
Kv1 of the first user U1:

M0i = D (Cm0ikb1, Kv1)
Pe = D (Cpekb1, Kv1).



(3) Using the decrypted edit tool Pe, the decrypted
original copyrighted data M0i is edited, and a first
edited copyrighted data M1i (i = 1, 2, 3, ...)
is obtained.

(4) Obtaining the first edited copyrighted data M1i,
the first user U1 encrypts a first scenario S1i, which
is the editing process data for the first edited
copyrighted data M1i, using public-key Kbc of the data
management center:

Cs1ikbc = E (S1i, Kbc)

and presents the encrypted first scenario Cs1ikbc
together with the first user label Lu1 to the data
management center, so that secondary copyright of
the user U1 is registered.

(5) When the encrypted first scenario Cs1ikbc is
presented, the data management center Cd
decrypts the encrypted first scenario Cs1ikbc using
private-key Kvc of the data management center:

S1i = D (Cs1ikbc, Kvc),

prepares a first edit label Le1 based on the
presented user label of the first user U1 and the
decrypted first scenario S1i, stores it in the data
management center Cd, encrypts the first edit label
Le1 using public-key Kb1 of the first user U1:

Cle1kb1 = E (Le1, Kb1),

and transfers the encrypted first edit label Cle1kb1
to the first user U1.

(6) When the encrypted first edit label Cle1kb1 is
transferred, the first user U1 decrypts the encrypted
first edit label Cle1kb1 using private-key Kv1 of the
first user U1:

Le1 = D (Cle1kb1, Kv1),

encrypts the decrypted first edit label Le1 using
public-key Kb2 of the second user U2:

Cle1kb2 = E (Le1, Kb2)

and transfers the encrypted first edit label Cle1kb2
to the second user U2, but the first edited
copyrighted data M1i or the encrypted first edited
copyrighted data is not transferred to the second user.

When the computer of the first user U1 is
provided with a data storage unit, there is possibility
that the collected copyrighted data or the edited
copyrighted data may be stored in the storage unit;
however, storage inhibition as described above is
carried out to exclude storage, copying and transfer.

In this case, it is possible, instead of the
encrypted first edit label Cle1kb2, to use electronic
fingerprint F1, which is obtained by turning the first
edit label to one-way hash value. In so doing, it is
possible to perform simplified transfer of the edit
label by telephone voice.

(7) When the encrypted first edit label Cle1kb2 is
transferred, the second user U2 decrypts the
transferred encrypted first edit label Cle1kb2 using the
private-key Kv2 of the second user U2:

Le1 = D (Cle1kb2, Kv2),

encrypts the decrypted first edit label Le1 using
private-key Kv2 of the second user U2:

Cle1kv2 = E (Le1, Kv2)

and presents the encrypted first edit label Cle1kv2
together with the second user label Lu2 to the data
management center Cd.

(8) When the encrypted first edit label Cle1kv2 and
the second user label Lu2 are presented, the data
management center Cd decrypts the presented
encrypted first edit label Cle1kv2 using public-key
Kb2 of the second user U2:

Le1 = D (Cle1kv2, Kb2),

collects the original copyrighted data M0i shown on
the decrypted first edit label Le1, edits the original
copyrighted data M0i using the edit tool Pe based
on the first scenario S1i described on the first edit
label Le1, and reproduces the first edited
copyrighted data M1i.

When the first edited copyrighted data M1i is
reproduced, the data management center Cd
encrypts the first edited copyrighted data M1i and
the edit tool Pe using the public-key Kb2 of the
second user U2:

Cm1ikb2 = E (M1i, Kb2)
Cpekb2 = E (Pe, Kb2)

and transfers the encrypted first edited copyrighted data
Cm1ikb2 and the encrypted edit tool Cpekb2 to the
second user U2.

(9) When the encrypted first edited copyrighted
data Cm1ikb2 and the encrypted edit tool Cpekb2
are distributed, the second user U2 decrypts the
distributed encrypted first edited copyrighted data
Cm1ikb2 and the encrypted edit tool Cpekb2 using
private-key Kv2 of the second user U2:

M1i = D (Cm1ikb2, Kv2)

Pe = D (Cpekb2, Kv2)

and edits the decrypted first edited copyrighted
data M1i using the decrypted edit tool Pe, and the
second edited copyrighted data M2i (i = 1, 2, 3, ...)
is obtained.

(10) When the second edited copyrighted data M2i
is obtained, the second user U2 encrypts the
second scenario S2i, which is editing process data of
the second edited copyrighted data M2i, using the
public-key Kbc of the data management center:

Cs2ikbc = E (S2i, Kbc)

and presents the encrypted second scenario
Cs2ikbc together with the second user label Lu2 to
the data management center Cd.

(11) When the encrypted second scenario Cs2ikbc
is presented, the data management center Cd
decrypts the encrypted second scenario Cs2ikbc
using private-key Kvc of the data management
center Cd:

S2i = D (Cs2ikbc, Kvc),

prepares a second edit label Le2 based on the
presented user label of the second user U2 and the
decrypted second scenario S2i, stores it in the data
management center Cd, encrypts the second edit
label Le2 using public-key Kb2 of the second user U2:

Cle2kb2 = E (Le2, Kb2)

and transfers the encrypted second edit label
Cle2kb2 to the second user U2.

(12) When the encrypted second edit label Cle2kb2
is transferred, the second user U2 decrypts the
encrypted second edit label Cle2kb2 using
private-key Kv2 of the second user U2:

Le2 = D (Cle2kb2, Kv2),

encrypts the decrypted second edit label Le2 using
public-key Kb3 of the third user U3:

Cle2kb3 = E (Le2, Kb3)

and transfers the encrypted second edit label
Cle2kb3 to the third user U3. Then, the same
operation is repeated.



In the fourth embodiment using this distributed
object system, the copyrighted data is not stored by the
user, but it is stored only in the database. On the other
hand, the user controls and stores only the edit label,
i.e. the information relating to user and editing, which
has information of the utilized original copyrighted data
and the used edit tool, the editing scenario and the
information of the user who has edited. Only this edit label is
encrypted and transferred between the users. Therefore,
the copyrighted data is not stored, copied or
transferred.

Also, in the system of this embodiment, only the
public-key and the private-key are used, and validity of
this public-key is certified by the data management
center in advance, and certification by the data
management center is of absolute nature. Accordingly, it is a
hierarchical type certification system represented by

The edit label to be transferred is encrypted by the
user's public-key, the validity of which has been certified
in advance by the data management center, and it is
transferred. Thus, its contents are reliable as it is
indirectly certified by the data management center. The edit
label itself is transferred between the users without
being transferred to the data management center, and it
might well be said that it is horizontal distributed type
certification system represented by PGP.

As described above, it is possible according to the
system of this embodiment to attain a certification
system, which has high reliability of the hierarchical type
certification system and easiness to handle of the
horizontal distributed type certification system.

Behavior and contents of behavior of the users
utilizing the copyrighted data are all identified by the user
label presented by the users at the data management
center. The utilization including editing of the
copyrighted data is carried out through the data
management center. Accordingly, the identity of each user can
be reliably confirmed, and by confirming the contents
and the course of behavior, contents and history of the
copyrighted data can be certified. When this
certification of contents is applied to electronic commerce, it is
possible to certify the contents of dealing by the data
management center, i.e. to perform "electronic notarization".
Further, in case digital signature is put on the user
label or on the edit label, and if computer virus enters
the user label or the edit label, the data of the label is
changed, and as a result change occurs in the hash
value. Therefore, by verifying digital signature, it is
possible to detect intrusion of computer virus. Even when
digital signature is not given, if turning to hash value is
performed, the user label or the edit label are made
unavailable depending upon the changed hash value.
Thus it is possible to detect intrusion of computer virus.
Because behavior and contents of behavior of the
users utilizing the copyrighted data are all identified by
the user label presented by the users at the data
management center, every charging system on the above
functions effectively.
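
The label flow of the fourth embodiment, as an added example that is not part of the patent text: the center keeps the original data and the edit labels, users pass on only a label or its one-way hash, and a label changed in transit is rejected because its hash value no longer matches a stored label. The public-key encryption of labels in transit is left out, and `DataManagementCenter`, `EDIT_TOOL`, the label fields and the use of SHA-256 as the one-way hash are assumptions of this example.

```python
import copy
import hashlib
import json

# Constructed sample data: original copyrighted data M0i, held only by the center.
ORIGINALS = {"M01": "the quick brown fox", "M02": "jumps over the lazy dog"}

# Hypothetical stand-in for the edit tool Pe: named, deterministic operations.
EDIT_TOOL = {
    "upper": lambda text, arg: text.upper(),
    "append": lambda text, arg: text + arg,
    "replace": lambda text, arg: text.replace(arg[0], arg[1]),
}


def fingerprint(label):
    """One-way hash value of a label, taken over a canonical JSON encoding."""
    canonical = json.dumps(label, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


class DataManagementCenter:
    def __init__(self, originals):
        self.originals = dict(originals)
        self.labels = {}     # fingerprint -> stored edit label
        self.usage_log = []  # (user label, fingerprint) records, e.g. for charging

    def register_scenario(self, user_label, source, scenario):
        """Steps (4)-(5): build and store an edit label from a presented scenario.

        `source` is an original data id or the fingerprint of an earlier edit label.
        """
        if source not in self.originals and source not in self.labels:
            raise KeyError("unknown source: " + source)
        for op, _arg in scenario:
            if op not in EDIT_TOOL:
                raise ValueError("operation not in edit tool: " + op)
        label = {"user": user_label, "source": source,
                 "scenario": [[op, arg] for op, arg in scenario]}
        # The center keeps its own copy so later changes by a user cannot reach it.
        self.labels[fingerprint(label)] = copy.deepcopy(label)
        return label

    def reproduce(self, user_label, presented):
        """Step (8): check the presented label (or its fingerprint) and rebuild
        the edited data from the originals and the stored scenarios."""
        fp = presented if isinstance(presented, str) else fingerprint(presented)
        if fp not in self.labels:
            raise ValueError("edit label rejected: hash value matches no stored label")
        self.usage_log.append((user_label, fp))
        return self._apply(self.labels[fp])

    def _apply(self, label):
        source = label["source"]
        if source in self.originals:
            data = self.originals[source]
        else:  # the source is an earlier edit label: replay it first
            data = self._apply(self.labels[source])
        for op, arg in label["scenario"]:
            data = EDIT_TOOL[op](data, arg)
        return data


def demo():
    center = DataManagementCenter(ORIGINALS)
    # U1 registers scenario S1 for original M01 and receives edit label Le1.
    le1 = center.register_scenario(
        "Lu1", "M01", [("replace", ["quick", "slow"]), ("upper", None)])
    # U1 passes only Le1 to U2; U2 presents it and the center rebuilds M1.
    m1 = center.reproduce("Lu2", le1)
    # U2 edits further; Le2 points at Le1 by fingerprint, no copy of M1 is kept.
    le2 = center.register_scenario("Lu2", fingerprint(le1), [("append", "!")])
    # U3 was given only the fingerprint of Le2.
    m2 = center.reproduce("Lu3", fingerprint(le2))
    # A label altered in transit no longer hashes to a stored label.
    tampered = copy.deepcopy(le1)
    tampered["scenario"].append(["append", " (altered)"])
    try:
        center.reproduce("Lu2", tampered)
        rejected = False
    except ValueError:
        rejected = True
    return m1, m2, rejected, len(center.usage_log)


if __name__ == "__main__":
    print(demo())
```

The rejected presentation leaves no usage record, so the log holds only the two accepted reproductions.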

[5th Embodiment] 

An embodiment in which a system of the present 
invention is applied to the electronic commerce will be 
given. A basic case is at first, explained in which all of 
the processings are performed through mediator as a 
data management center, referring to Fig. 12A. 

(1) User U looks a products catalogue of the medi- 
ator S via network, and requests the mediator S 
electronic commerce data Qm as dealing data 
including quotation for desired products and infor- 
mation of order form and payment terms. 

(2) When requested the electronic commerce data
Qm, the mediator S encrypts a request R of the
electronic commerce data Qm and first secret-key
Ks1 by using public-key Kbm of maker M:

Crkbm = E (R, Kbm)
Cks1kbm = E (Ks1, Kbm)

and transfers encrypted request Crkbm and
encrypted first secret-key Cks1kbm to the maker M.

(3) When received the encrypted request Crkbm
and encrypted first secret-key Cks1kbm, the maker
M decrypts the transferred encrypted request
Crkbm and encrypted first secret-key Cks1kbm by
private-key Kvm of the maker M:

R = D (Crkbm, Kvm)

Ks1 = D (Cks1kbm, Kvm)

encrypts electronic commerce data Qm
corresponding to the request R by using decrypted first
secret-key Ks1:

Cqmks1 = E (Qm, Ks1)

and transfers encrypted electronic commerce data
Cqmks1 to the mediator S.

(4) When received the encrypted electronic
commerce data Cqmks1, the mediator S decrypts
transferred encrypted electronic commerce data
Cqmks1 by using the first secret-key Ks1:

Qm = D (Cqmks1, Ks1),

encrypts again the decrypted electronic commerce
data Qm by using second secret-key Ks2:

Cqmks2 = E (Qm, Ks2),

encrypts the second secret-key Ks2 by using
public-key Kbu of user U:

Cks2kbu = E (Ks2, Kbu)

and transfers encrypted electronic commerce data
Cqmks2 and encrypted second secret-key Cks2kbu
to the user U.

(5) When received the encrypted electronic commerce
data Cqmks2 and the encrypted second secret-key
Cks2kbu, the user U decrypts encrypted second
secret-key Cks2kbu by using private-key Kvu of
user U:

Ks2 = D (Cks2kbu, Kvu),

decrypts encrypted electronic commerce data
Cqmks2 by using decrypted second secret-key Ks2:

Qm = D (Cqmks2, Ks2),

edits electronic commerce data Qm by entering
order contents into electronic commerce data Qm,
and produces order sheet Qu, encrypts the order sheet
Qu thus filled in, by using the second secret-key Ks2:

Cquks2 = E (Qu, Ks2)

and transfers encrypted order sheet Cquks2 to
the mediator S.
(6) When received encrypted order sheet Cquks2,
the mediator S decrypts the encrypted order sheet
Cquks2 by using the second secret-key Ks2:

Qu = D (Cquks2, Ks2),

encrypts decrypted order sheet Qu by using
public-key Kbm of the maker M:

Cqukbm = E (Qu, Kbm)

and transfers encrypted order sheet Cqukbm to the
maker M.

(7) When received encrypted order sheet Cqukbm,
the maker M decrypts encrypted order sheet
Cqukbm by using private-key Kvm of maker M:

Qu = D (Cqukbm, Kvm)

and the order is accepted and handled according to
order contents of the decrypted order sheet Qu.

Next, an example of exceptional case when a
user orders directly to a maker will be explained,
referring to Fig. 12B.

In this exceptional case, steps before the
above-mentioned step, in which encrypted electronic
commerce data Cqmks2 and encrypted second secret-key
Cks2kbu are transferred to user U, are same
steps as basic case as shown in Fig. 12A. And
therefore same detailed description is not given
here, and description of steps different from basic
case is given.

(7) When received the encrypted electronic commerce
data Cqmks2 and the encrypted second secret-key
Cks2kbu, the user U decrypts encrypted second
secret-key Cks2kbu by using private-key Kvu:

Ks2 = D (Cks2kbu, Kvu),

decrypts encrypted electronic commerce data
Cqmks2 by using decrypted second secret-key Ks2:

Qm = D (Cqmks2, Ks2),

enters order contents into decrypted electronic
commerce data Qm, i.e. performing data editing,
and produces order sheet Qu, encrypts the order sheet
Qu thus filled in, by using the second secret-key Ks2:

Cquks2 = E (Qu, Ks2)

and transfers encrypted order sheet Cquks2 to the
maker M.

(8) When received encrypted order sheet Cquks2,
the maker M transfers the encrypted order sheet
Cquks2 to the mediator S.

(9) When received encrypted order sheet Cquks2,
the mediator S decrypts encrypted order sheet
Cquks2 by using second secret-key Ks2:

Qu = D (Cquks2, Ks2),

encrypts decrypted order sheet Qu by using
public-key Kbm of the maker M:

Cqukbm = E (Qu, Kbm)

and transfers it to the maker M.

(10) When received encrypted order sheet
Cqukbm, the maker M decrypts the encrypted order
sheet Cqukbm by using private-key Kvm of maker
M:

Qu = D (Cqukbm, Kvm)

and handles the order according to contents of the
order sheet Qu.

In this electronic commerce system, computer software
handled via network, other than commercial products,
can be also applied in dealings.

In this case, software P is encrypted by maker M by
using private-key Kvm of the maker M:

Cpkvm = E (P, Kvm),

encrypted software Cpkvm is transferred to mediator S,
encrypted software Cpkvm, thus transferred, is
decrypted by the mediator S by using public-key Kbm of
the maker M:

P = D (Cpkvm, Kbm),

decrypted software P is encrypted by the mediator S by
using public-key Kbu of user U:

Cpkbu = E (P, Kbu),

encrypted software Cpkbu is transferred to the user U,
and the transferred encrypted software Cpkbu is
decrypted by the user U by using private-key Kvu of
the user U:

P = D (Cpkbu, Kvu).

Crypt keys for encrypted software which is stored in
recording medium such as CD-ROM are distributed on
pay basis, and the crypt keys can be further applied in
dealings in the electronic commerce system, in the
manner of similar way for computer software described
above.

In the basic case as described referring to Fig. 12A,
all of the dealing processings are performed through
the mediator, and troubles caused in omitting the
mediator among dealing processes can be previously
prevented. In exceptional case as described
referring to Fig. 12B, in order that the maker
recognizes the content of order sheet and handles the
order, it is necessary that encrypted order sheet is
transferred to the mediator and decrypted by the
mediator. The mediator therefore takes part in dealing
processes without fail in this case also, and thus
various troubles caused in omitting the mediator among
dealing processes can be previously prevented. The
secret-key which is transferred, may be transferred 

^ZT*L eiectronic commerce dafa o,her - 

In each embodiment described hereinbefore, while 
data or label is encrypted/decrypted, the burden of 



encryption and decryption is rather high. In case that 
the data and label are transferred via network, these are 
re-encrypted by secret-key and in addition are 
encrypted by public-key. Therefore, in order to utilise the 
transferred data and label, these are necessary to be 
decrypted by private-key and in addition, to be 
decrypted by secret-key. 

In order to reduce the burden of encryption and
decryption, while partly encrypting is described as
shown in Figs. 4A to 4G, if the processing ability of the
user device is not high, even when partly encrypting,
performing both processings of encryption/decryption
by secret-key system, which is for copyright
management, and encryption/decryption by public-key system,
which is for data security, is yet difficult.

To cope with the above problems, encryp- 
tion/decryption, which is processing other than encryp- 
tion/decryption for protecting transferred data or label 
may be performed, for example, by an entity in the
network, and encrypted/decrypted data or label is
transferred to a user. While encryption/decryption for
protecting transferred data or label is performed gener- 
ally by public-key cryptosystem, this encryption/decryp- 
tion is performed by a device of user. 

Above processing of encryption/decryption per- 
formed by an entity in the network may be applied to the 
case of reproduction of edited copyrighted data in the 
third and fourth embodiments.

In the third embodiment, encrypted copyrighted
data and non-encrypted edit label including editing
scenario are transferred from one user to next user. The
non-encrypted edit label and corresponding secret-key
are stored in data management center. The next user 
transfers transferred encrypted copyrighted data and 
non-encrypted edit label to the data management 
center, and therefore, the copyrighted data is decrypted 
and thus, edited copyrighted data is reproduced based 
on decrypted copyrighted data and the edit label at the 
data management center. Then, the edited copyrighted 
data is transferred to the next user. 

In the fourth embodiment, encrypted edit label 
including editing scenario is only transferred from a user 
to next user. In contrast, the edit label is stored in the 
data management center. And therefore, the data man- 
agement center, by transferred encrypted edit label to 
the data management center by the next user, collects 
necessary original data based on the edit label and 
reproduces edited copyrighted data, and then, transfers 
the edited copyrighted data to the next user. 

Claims 

1. Method for managing digital data to be transferred
from an owner of data to a user of data via a
communication network, with the steps:

Providing secret-key, public-key, private-key,
data owner label, user label and data label;






EP 0 833 241 A2 






Linking a data management center to a public-key
storage and a secret-key generator and
arranging same on said communication network;

Certifying the public-keys of said owner and
said user, and storing of said data owner label,
said user label and said data label by the data
management center;

Presenting said data owner label and data
label, and requesting a secret-key for data
encryption from said data management center
by said owner;

Preparing a data label fingerprint from said
data label and transferring secret-key for
encryption which is encrypted by using said
public-key of owner together with said data
label fingerprint to said owner by said data
management center;

Encryption of the data using said secret-key
which is decrypted by using private-key of said
owner, and transfer of said encrypted data,
said data label and said data label fingerprint to
a first user by said owner;

Presenting user label of said first user, said
data label and said data label fingerprint, and
requests a secret-key for decrypting said
encrypted data and a secret-key for re-encrypting
said data which is decrypted, to said data
management center by said first user;

Confirmation of validity of said data label by
said data label fingerprint, registering of said
user label of first user, and transfer of said
secret-key for decrypting encrypted data and
said secret-key for re-encrypting decrypted
data, both of which are encrypted by using the
public-key of said first user, to said first user by
said data management center; and

Decryption of said secret-key for decryption
and said secret-key for re-encryption by using
the private-key of said first user, decryption and
use of the encrypted data using said secret-key
for decryption, encryption of the decrypted data
using said secret-key for re-encryption to be
stored and copied, and transfer of the
encrypted data together with said data label,
said data label fingerprint and said user label of
first user to the next user by said first user.

2. Method according to Claim 1, wherein a copyright is
registered by presenting said data owner label and
said data label to said data management center by
said owner of data.

3. Method according to Claim 1, wherein said digital
data is edited by the user, and editing scenario of
said digital data is added to said data label.

4. Method according to Claim 3, wherein a secondary
copyright is registered by presenting the user label
of said user and data label having said editing
scenario of said digital data to said data management
center by said user.

5. Method according to Claim 3 or 4, wherein there is
a plurality of said digital data.

6. Method according to Claim 1, 2, 3, 4, or 5, wherein
digital signature is performed on said data label.

7. Method according to Claim 1, 2, 3, 4, 5, or 6,
wherein charging a fee is performed by presenting
the user label of said user and said data label to
said data management center by said user.

8. Method according to Claim 7, wherein the charging
a fee is performed by metering bill payment method
based on use results.

9. Method according to Claim 8, wherein the metering
data based on use results is stored in said data
management center.

10. Method according to Claim 8, wherein the metering
data based on use results is stored in a device of
said user.

11. Method according to Claim 7, wherein the charging
a fee is performed by prepayment method.

12. Method according to Claim 11, wherein the
prepayment data is stored in said data management
center.

13. Method according to Claim 11, wherein the
prepayment data is stored in a device of said user.

14. Method according to Claim 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, or 13, wherein said digital data has
general file structure and only the data body thereof is
at least partially encrypted.

15. Method according to Claim 14, wherein the part of
said data body with encryption is continuously
arranged in said data body.

16. Method according to Claim 14, wherein a plurality
of parts of said data body with encryption is
intermittently arranged in said data body.

17. Method according to Claim 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, or 13, wherein said digital data has
general file structure, and data header and data body
thereof are encrypted.

18. Method according to Claim 17, wherein a part of
said data header and at least part of said data body
are encrypted.

19. Method according to Claim 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, or 13, wherein said digital data has
general file structure and data header thereof only is
encrypted.

20. Method according to Claim 19, wherein at least part
of said data header is encrypted.

21. Method according to Claim 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 12, or 13, wherein said digital data has
general file structure, and only label is encrypted.

22. Method according to Claim 1. 2, 3, 4 5 6 7 8 9 
IkLLV 2, ? 13, Wherein ^ ^Wl data has 

!™!L med f " e Stmc,ure ' and on| y method is 

encrypted. 

25 

23. Method for managing digital data to be transferred
from an owner of data to a user of data via
broadcast, a communication network or data recording
medium, using public-key, private-key, user label
and data label; with the steps:

Linking a data management center and the
owner to a public-key storage, and arranging
on said communication network;

Certifying the public-keys of said owner and
said user and storage of said user label and
said data label by said data management
center; and

Obtaining said digital data and data label from
said communication network by presenting
said user label to use said digital data, which is
not stored in a device of said first user after
using said digital data by a first user.

24. Method according to Claim 23, wherein said digital
data is not stored in the device of said user by
deletion of said digital data.

25. Method according to Claim 23, wherein said digital
data is not stored in the device of said user by
turning said digital data to one-way hash value.

26. Method according to Claim 23, wherein said data
management center is further linked to secret-key
generator, and said digital data is encrypted by
using a secret-key and stored in the device of said
user.

27. Method according to Claim 24, 25 or 26, wherein
said digital data is edited, and edit label is obtained
by adding editing scenario of said digital data to
said data label.

28. Method according to Claim 27, wherein said edit
label is only transferred to next user.

29. Method according to Claim 28, wherein said edit
label is encrypted by using public-key of said next
user, and is transferred to said next user;

said next user decrypts the encrypted edit label
by using private-key of said next user and
presents decrypted said edit label to said data
management center;

said data management center transfers the
digital data based on said edit label to said next
user;

said next user uses and edits said digital data
by editing scenario of said edit label.

30. Method according to Claim 28, wherein said first 
user transfers said edit label to said next user; 

said next user presents said edit label to said 
data management center; 

said data management center transfers said 
digital data based on said edit label to said next 
user; 

said next user uses and edits said digital data 
by editing scenario of said edit label. 

31. Method according to Claim 30, wherein said first 
user performs digital signature to said edit label by 
using private-key of said first user. 

32. Method according to Claim 23, 24, 25, 26, 27, 28,
29, 30 or 31, wherein there are a plurality of said
digital data.

33. Method according to Claim 23, 24, 25, 26, 27, 28,
29, 30, 31 or 32, wherein charging a fee is
performed by presenting said user label and said data
label to said data management center by said user.

34. Method according to Claim 33, wherein the
charging a fee is performed by metering bill payment
method based on use results.

35. Method according to Claim 34, wherein the
metering data based on use results is stored in said data
management center.

36. Method according to Claim 34, wherein the
metering data based on use results is stored in a device
of said user.

37. Method according to Claim 33, wherein the
charging a fee is performed by prepayment method.

38. Method according to Claim 37, wherein the
prepayment data is stored in said data management
center.

39. Method according to Claim 37, wherein the
prepayment data is stored in a device of said user.

40. Method according to Claim 23, 24, 25, 26, 27, 28,
29, 30, 31, 32, 33, 34, 35, 36, 37, 38 or 39, wherein
said digital data has general file structure and data
body thereof only is encrypted.

41. Method according to Claim 40, wherein a part of
said data body is encrypted.

42. Method according to Claim 41, wherein the part of
said data body with encryption is continuously
arranged in said data body.

43. Method according to Claim 41, wherein a plurality
of parts of said data body with encryption is
intermittently arranged in said data body.

44. Method according to Claim 27, 28, 29, 30, 31, 32,
33, 34, 35, 36, 37, 38, 39, 40, 41, 42 or 43, wherein
said digital data has general file structure, and data
header and data body thereof are encrypted.

45. Method according to Claim 44, wherein a part of
said data header and at least part of said data body
are encrypted.






46. Method according to Claim 23, 24, 25, 26, 27, 28,
29, 30, 31, 32, 33, 34, 35, 36, 37, 38 or 39, wherein
said digital data has general file structure and data
header thereof only is encrypted.

47. Method according to Claim wherein at least part
of said data header is encrypted.

48. Method according to Claim 23, 24, 25, 26, 27, 28,
29, 30, 31, 32, 33, 34, 35, 36, 37, 38 or 39

49. Method according to Claim 48, wherein a part of
said label only is encrypted.



50. Method according to Claim 23, 24, 25, 26, 27, 28,
29, 30, 31, 32, 33, 34, 35, 36, 37, 38 or 39,
wherein said digital data has object-formed file
structure, and only method is encrypted.

51. Method for electronic commerce between producer
and user via an agency, using secret-key, and public-key
and private-key, with the steps:

linking the agency to a public-key storage and a
secret-key generator and arranging on a communication
network;

Requesting electronic commerce data
from said agency by said user;

Transfer of the request of said electronic commerce
data together with secret-key for encryption,
which is encrypted by using public-key of
said producer, to said producer by the agency;

Decryption of encrypted secret-key for encryption
by using private-key of said producer and
encryption of said electronic commerce data by
using decrypted secret-key for encryption and
transfer of the encrypted electronic commerce
data to said agency by said producer;

Decryption of said encrypted electronic commerce
data by using said secret-key for encryption,
re-encryption of decrypted electronic
commerce data by using secret-key for re-encryption,
and transfer thereof together with
said secret-key for re-encryption, which is
encrypted by using public-key of said user to
said user by said agency;

Decryption of encrypted secret-key for re-encryption
by using private-key of said user,
decryption of encrypted electronic commerce
data by using decrypted secret-key for re-encryption,
making of order sheet by entering
order content into decrypted electronic commerce
data, encrypting said order sheet by
using secret-key for re-encryption, and transfer
of encrypted order sheet to said agency by said
user;

Decryption of said encrypted order sheet by
using said secret-key for re-encryption, encryption
of the decrypted order sheet by using public-key
of said producer, and transfer of
encrypted order sheet to said producer by said
agency;

Decryption of the encrypted order sheet by
using private-key of said producer, and accepting
of the order by said producer.

52. Method for electronic commerce according to Claim
wherein said electronic commerce data has
general file structure and data body thereof only is
encrypted.

53. Method for electronic commerce according to Claim
52, wherein the part of said data body with
encoded is continuously arranged in said data

54. Method for electronic commerce according to Claim
52, wherein a plurality of parts of said data body
with encoded is intermittently arranged in said
data body.

55. Method for electronic commerce according to Claim
51, wherein said electronic commerce data has
general file structure, and at least part of the data
header and at least part of the data body are
encrypted.

56. Method for electronic commerce according to Claim
51, wherein said electronic commerce data has
general file structure and only at least part of
the data header thereof is encrypted.

57. Method for electronic commerce according to Claim
51, wherein said electronic commerce data has
general file structure and only at least part of said
label is encrypted.

58. Method for electronic commerce according to Claim
51, wherein said electronic commerce data has
object-formed file structure and method
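
The message flow of Claim 51, traced end to end as an added example that is not part of the patent text. The textbook RSA over fixed Mersenne primes and the SHA-256 keystream cipher are insecure stand-ins chosen so the block runs on the standard library alone; all function names and sample messages are assumptions. The `seen` list records the plaintext the agency handles in the two steps where the claim has it decrypt and re-encrypt.

```python
import hashlib, secrets

def keypair(a, b, e=65537):
    # Stand-in public-key scheme: textbook RSA over public Mersenne primes. NOT secure.
    p, q = 2**a - 1, 2**b - 1
    return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))

def pk_enc(pub, msg):   # 0x01 prefix keeps leading zero bytes through the int round trip
    return pow(int.from_bytes(b"\x01" + msg, "big"), pub[1], pub[0])

def pk_dec(priv, c):
    m = pow(c, priv[1], priv[0])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]

def _xor(key, nonce, data):
    # Stand-in secret-key cipher: SHA-256 counter keystream, fresh nonce per message.
    ks = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(x ^ y for x, y in zip(data, ks))

def sk_enc(key, msg):
    nonce = secrets.token_bytes(16)
    return nonce + _xor(key, nonce, msg)

def sk_dec(key, blob):
    return _xor(key, blob[:16], blob[16:])

def run(commerce_data, order):
    prod_pub, prod_priv = keypair(1279, 2203)
    user_pub, user_priv = keypair(607, 1279)
    seen = []                                   # plaintext the agency handles
    ks1, ks2 = secrets.token_bytes(16), secrets.token_bytes(16)
    # Agency -> producer: request plus secret-key for encryption under producer's public-key.
    wrapped1 = pk_enc(prod_pub, ks1)
    # Producer: recover the key, encrypt the commerce data, return it to the agency.
    c1 = sk_enc(pk_dec(prod_priv, wrapped1), commerce_data)
    # Agency: decrypt, re-encrypt with secret-key for re-encryption, wrap that key for the user.
    seen.append(sk_dec(ks1, c1))
    c2, wrapped2 = sk_enc(ks2, seen[-1]), pk_enc(user_pub, ks2)
    # User: recover the key, decrypt, enter the order content, encrypt the order sheet.
    k = pk_dec(user_priv, wrapped2)
    c3 = sk_enc(k, sk_dec(k, c2) + b"\n" + order)
    # Agency: decrypt the order sheet, encrypt it under the producer's public-key.
    seen.append(sk_dec(ks2, c3))
    c4 = pk_enc(prod_pub, seen[-1])
    # Producer: decrypt with its private-key and accept the order.
    return pk_dec(prod_priv, c4), seen
```
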

Fig. 1A: LABEL OWNER INFORMATION

Fig. 1B: LABEL OWNER INFORMATION + INFORMATION RELATING ORIGINAL COPYRIGHTED DATA

Fig. 1C: LABEL OWNER INFORMATION + ORIGINAL COPYRIGHTED DATA + EDIT TOOL INFORMATION + EDITING SCENARIO

Fig. 1D: LABEL OWNER INFORMATION +